CVE-2020-15173

CVSS V2 High 7.5 CVSS V3 Critical 9.8
Description
In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions.
Overview
  • CVE ID
  • CVE-2020-15173
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2020-09-09T23:15:10
  • Last Modified Date
  • 2021-11-18T17:48:21
Weakness Enumerations
CWE URL
CWE-120 http://cwe.mitre.org/data/definitions/120.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:accel-ppp:accel-ppp:*:*:*:*:*:*:*:* 1 OR 1.12.0-92-g38b6104
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 7.5
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 9.8
  • Base Severity
  • CRITICAL
  • Exploitability Score
  • 3.9
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-rr68-fchr-69vf Third Party Advisory
https://github.com/accel-ppp/accel-ppp/commit/2324bcd5ba12cf28f47357a8f03cd41b7c04c52b Patch Third Party Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2020-15173
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15173
History
Created Old Value New Value Data Type Notes
2022-05-10 06:45:50 Added to TrackCVE
2022-12-04 22:18:27 2020-09-09T23:15Z 2020-09-09T23:15:10 CVE Published Date updated
2022-12-04 22:18:27 2021-11-18T17:48:21 CVE Modified Date updated
2022-12-04 22:18:27 Analyzed Vulnerability Status updated